[Buildroot] [PATCH] package/nodejs: security bump to version 12.22.4
Peter Korsgaard
peter at korsgaard.com
Sun Aug 8 19:35:54 UTC 2021
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Fixes the following security issues:
> - CVE-2021-22930: Use after free on close http2 on stream canceling (High)
> Node.js is vulnerable to a use after free attack where an attacker might
> be able to exploit the memory corruption, to change process behavior.
> Drop 0002-Fix-build-with-ICU-68.patch as this is now fixed upstream since
> https://github.com/nodejs/node/commit/e459c79b02
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list